Method and System for Preventing and Detecting Identity Theft

ABSTRACT

A system, method and computer program product for receiving information relating to a financial account of an individual from at least one first data provider; receiving information relating to at least one of an identity theft expense reimbursement insurance policy of the individual, a public information relating to the individual, an identity theft risk score of the individual, a credit card registry of the individual, a backup data relating to the individual, a background information of the individual, and a business report relating to the individual, from at least one second data provider, and preparing a report relating to the individual&#39;s identity theft based on the information.

CROSS-REFERENCE TO RELATED MATERIAL

This application is related to, claims the benefit of under 35 U.S.C. Section 119(e), and is a non-provisional of U.S. Patent Application Ser. No. 60/777,150, entitled, “Method and System for Preventing and Detecting Identity Theft”, to ANDRINGA et al., Attorney Docket No. 27993-228261, filed Feb. 28, 2006, of common assignee to the present invention, the contents of which are incorporated herein by reference in their entireties.

FIELD OP INVENTION

The invention relates generally to privacy protection, and in particular to prevention and detection of identify theft.

BACKGROUND OF THE INVENTION

Today's modern economy demands access to personal identifying information in order to provide such services as health insurance, loans, jobs and even cell phone service. Unfortunately, mining that information can also be an illegal, but often low-risk goal for thieves. A recent study by Gartner, Inc. found that the identity thieves' risk of being caught is only 1 in 700. Identity theft is one of the fastest growing crimes in North America. Identity thieves can rob consumers of money, time, affordable credit, even their reputation and the consumer may not even realize it.

Under reported for years, the Federal Trade Commission (FTC) now says that as many as one in every eight American adults and one in every four households has been victimized by identity thieves in the past five years. Reports indicate that there have been over nine million new victims of identity theft per year for two years running, with over 36 million new victims of identity theft in the past five years. Ten million Americans in the past year alone have fallen victim to this destructive crime. At the current rate of growth in identity theft, approximately 20 percent of active U.S. consumers of credit will be victims of identity theft by 2007. Identity theft has been the top consumer complaint to the FTC for five years in a row.

While the rise of technology has been partly blamed for an increase in identity theft and fraud, many of the ways of identity thieves obtain personal information remain decidedly low-tech. In fact, the FTC estimates that 400,000 individuals have had their mail stolen and subsequently became the victims of identity theft just last year, ABC reported in February, 2004.

The costs of identity theft to individuals and businesses are astronomical and rising. The FTC reports that direct out-of-pocket losses to consumers of five billion dollars during the last year alone and says businesses and financial institutions lost a staggering 48 billion during the same time period. Additionally, the repercussions of Identity theft go far beyond the wallet for many individuals and businesses. Americans now spend almost three million hours resolving problems related to identity theft each year. Many victims report ongoing problems beyond direct financial loss, including loan or Insurance rejection, failure of pre-employment screening, criminal investigation or harassment by creditors, as a result of the fraud.

Identity theft is very difficult to prevent due to the myriad number of ways that identity thieves can access a consumer's private information. Private information can be accessed by stealing an individual's mail, wallet, etc. Additionally, online schemes are becoming much more prevalent. Phishing, pharming and tacking have become commonplace in the online world. Moreover, there have been numerous security breaches at large corporations, and not just data brokers and banks. Data on approximately 13.3 million consumers has been publicly reported by businesses, hospitals, universities and other organizations as lost or stolen in the first half of 2005. Additionally, a recent survey of 163 companies found that 75% of these companies reported that a serious security breach had occurred within the past twelve-month period.

Although the loss of personal information is concerning, the critical damage occurs when that theft of personal information is used to defraud. Identity fraud is a multi-faceted and evolving problem. It may surface as internet fraud, synthetic ID fraud, credit card and mortgage application fraud, non-credit card transactional fraud, and many others. The creation of new accounts and the takeover of existing accounts are among the most damaging methods used by identity thieves.

A large amount of information needs to be aggregated from disparate sources and then analyzed in order for an individual to prevent and/or detect the theft of their identity. Accordingly, there is need for a system and method to assist individuals in preventing or detecting identity theft.

SUMMARY OF THE INVENTION

Embodiments of the invention provide a system, method, and computer program product for preventing and/or detecting identity theft. Multiple layers of protection may be provided to prevent and/or detect potential identity theft. Identifying signs of identity theft early can help prevent thieves from committing fraud in an individual's name. A set of screening tools may be provided to help monitor an individual's personal profile and stop fraud in its tracks. With continuous electronic monitoring of an individual's personal information, prompt alerts may be sent when changes that may indicate an individual's identity has been compromised. The individual may then determine what actions to take in order to recover their identity quickly and minimize their financial loss.

A method according to an exemplary embodiment of the invention includes receiving first information relating to a financial account of an individual from at least one first data provider; receiving second information relating to at least one of an identity theft expense reimbursement insurance policy of the individual, a public information relating to the individual, an identity theft risk score of the individual, a credit card registry of the individual, a backup data relating to the individual, a background information of the individual, and a business report relating to the individual, from at least one second data provider; and preparing a report relating to the individual's identity theft based on the first and second information.

In the exemplary embodiment, the first information may be related to a financial account of the individual, a financial account monitoring of the individual, a brokerage account of the individual, or a monitoring of a credit card of the individual. Also, in the exemplary embodiment, where the second information is related to a public information of the individual, the second data provider may include a public record report provider, a public record monitoring and/or notification, or an internet monitoring & notification.

In a further exemplary embodiment, the method may further include receiving third information relating to the individual's credit from at least one third data provider, where the preparing of the report is based the first and second information, the first and third information, or the second and third information. In a yet further embodiment, the third information may be related to a credit report of the individual, a credit score of the individual, a credit monitoring of the individual, or a credit update of the individual.

A system according to an exemplary embodiment of the invention includes at least one first data provider, which may comprise a DDA (Direct Deposit Account) credit report, a DDA credit monitoring & notification, a brokerage account monitoring & notification, or a credit card transaction activity monitoring & notification; at least one second data provider, which may comprise an identity theft expense reimbursement insurance provider, a public record report provider, a public record monitoring & notification provider, an internet monitoring and/or notification provider, an identity theft risk score provider, a credit card registry, a data backup provider, a background screening provider, or a business report provider; and an identity theft engine which may receive information from the first and second data providers and create a report relating to an individual's identity theft. In a further embodiment, the system may further include a third data provider, which may comprise a credit report provider, a credit score provider, a credit monitoring provider, or a credit update provider.

A software program product according to an exemplary embodiment of the invention may perform a method that includes receiving first information relating to a financial account of an individual from at least one first data provider; receiving second information relating to at least one of an identity theft expense reimbursement insurance policy of the individual, a public information relating to the individual, an identity theft risk score of the individual, a credit card registry of the individual, a backup data relating to the individual, a background information of the individual, and a business report relating to the individual, from at least one second data provider; and preparing a report relating to the individual's identity theft based on the first and second information. In a further embodiment, the method may further include receiving third information relating to the individual's credit from at least one third data provider, where the preparing of the report is based the first and second information, the first and third information, or the second and third information. In a yet further embodiment, the third information may be related to a credit report of the individual, a credit score of the individual, a credit monitoring of the individual, or a credit update of the individual.

BRIEF DESCRIPTION OF THE DRAWINGS

The foregoing and other features and advantages of the invention will be apparent from the following, more particular description of a preferred embodiment of the invention, as illustrated in the accompanying drawings, in which:

FIG. 1 depicts an example of a system according to an exemplary embodiment of the present invention;

FIG. 2 depicts a process flow according to an exemplary embodiment of the present invention; and

FIG. 3 depicts block diagram of an architecture according to an exemplary embodiment of the present invention.

DETAILED DESCRIPTION OF THE INVENTION

Embodiments of the invention are discussed in detail below. In describing embodiments, specific terminology is employed for the sake of clarity. However, the invention is not intended to be limited to the specific terminology so selected. While specific exemplary embodiments are discussed, it should be understood that this is done for illustration purposes only. A person skilled in the relevant art will recognize that other components and configurations can be used without parting from the spirit and scope of the invention.

Vast amounts of personal information regarding individuals am now collected and stored by companies, governments, etc. The personal information Is typically obtained by independent entities and stored at disparate locations. As such, individuals do not currently have means by which to easily view the collective information gathered regarding themselves. When viewed separately, this information may be of limited value to the individual in preventing or detecting identity theft. However, when the information is viewed collectively by the individual, a different picture may emerge. Viewing the collective information may provide the individual insight into their risk of identity theft or help in early detection of an identity theft that has, unfortunately, already occurred.

Embodiments of the present invention provide a unified view and tool for collecting, viewing and analyzing personal information. Data may be imported from many different independent sources into a common correlated data set. The data set may be stored in a database. A user interface that allows an individual to view the data may also be provided.

Embodiments of the present invention may also include a system that provides and collects information through a distributed computer network. A central datastore integrates information regarding the risk of identity theft. The central datastore may be derived from a variety of data sources and may provide information to multiple system users, such as a theft engine or individual users. The central datastore may also be enhanced to dynamically interact with other information servers (e.g., through client-server database standards, middleware, or multi-tier architecture).

Turning now to FIG. 1 , a system 100 including a number of different data providers is shown. The data providers provide information and may include databases, data aggregators, and the like. The data providers may also provide items instead of or in addition to data, such as services, etc. The data providers may provide different types of data and/or may be independent from each other. Some of the data providers may provide the same information, but still be independent from each other. For example, the three credit bureaus, Equifax®, Experian® and TransUnion℠, each provide credit information, but are independent from each other. Examples of data providers that may be included in the disclosed embodiment of the invention are discussed below.

Data provider 101 may provide a credit bureau report. The credit bureau report may include a summary of credit and payment history for an individual. Example data providers of credit bureau reports include Equifax®, Experian® and TransUnion℠.

Data provider 102 may provide a credit score. The credit score may be a single number that represents the credit default risk for an individual, based on the information contained in their credit report. Example data providers of a credit score are CreditXpert and Fair Isaac.

Data provider 103 may provide credit bureau monitoring & notification. The credit bureau monitoring & notification may include daily or weekly monitoring of new inquiries, accounts, or changes to account status or payment history on an individual credit report. Changes usually triggers a consumer notification when detected. Example data providers of credit bureau monitoring and notification include Equifax®, Experian® and TransUnion℠.

Data provider 104 may provide a quarterly credit update. The quarterly credit update may include a summary of changes to an individual's credit report between two points in time. The quarterly credit update may include items that are new, items that have changed, items removed, and items without changes. Example data providers of a quarterly credit bureau update include Equifax®, Experian® and TransUnion℠.

Data provider 105 may provide a service, identity theft expense reimbursement insurance. This may be insurance protecting an individual from the expenses associated with recovering from identity theft. (expenses related to legal work, time off of work, phone, mail, etc.). AIG and Traveler's are example data providers of insurance.

Data provider 106 may provide a direct deposit account (DDA) credit report. This report may include a summary of previous deposit account history for an individual, checking or savings accounts opened, history of any bounced checks, history of any accounts closed by banks for cause (overdraft).

Data provider 107 may provide DDA credit monitoring & notification. DDA credit monitoring & notification may include daily or weekly monitoring of new inquiries, accounts, or changes to account status or check writing history associated with DDA account credit report (checking and savings accounts). This may also involve the monitoring of this information and notification to the consumer when changes or updates detected.

Data provider 108 may provide brokerage account monitoring & notification. The brokerage account monitoring & notification may include daily, or weekly monitoring of brokerage account activity (trades, deposits, withdraws, and transfers) and notification of the account owner when activity is detected. The monitoring feature may be adjusted to only notify a consumer for activity above a certain dollar amount or type of transaction.

Data provider 109 may provide credit card transaction activity monitoring & notification. The credit card transaction activity monitoring & notification may include daily, or weekly monitoring of credit card account activity (payments posted, new authorizations, new charges posted, cash advances) and notification when activity is detected. The monitoring feature may be adjusted to only notify a consumer for activity above a certain dollar amount or type of transaction.

Data provider 110 may provide a public record report. This report may be a summary report of Information about an individual from multiple public and private data sources. The information may include addresses, property ownership, criminal records, vehicle registrations, licenses, bankruptcies, etc. An example data provider of public record reports includes LexisNexis.

Data provider 111 may provide public record monitoring & notification. The public record monitoring & notification may include monitoring of an individual's public record report for additions, deletions, and changes. Notification of a consumer may occur when, changes are detected in some or all of the data. An example data provider of public record monitoring & notification includes LexisNexis.

Data provider 112 may provide Internet monitoring & notification. Internet monitoring & notification may include Internet search technology deployed to look for instances of a person's social security number or credit card being shared openly on the Internet (web, IRC channels, discussion boards, FTP sites, etc.). A customer may be notified when a match is found in one of the monitored locations. An example data provider of Internet monitoring & notification includes Cyveillance.

Data provider 113 may provide an identity theft risk score. The score may be a composite score or risk level that indicates the likelihood that a person's identity elements (name, address, SSN, telephone, and DOB) have been used fraudulently. The score may be based on detailed analysis of new applications and reported fraud from a network of participating businesses. An example data provider of an identity theft risk score includes ID Analytics.

Data provider 114 may provide a credit card registry. The registry may be a service that allows consumers to register credit cards, so that if they ever have one or more credit cards lost or stolen, a customer service person can help contact all creditors, close accounts, have new cards issued, and initiate an emergency cash advance that can be wired to the consumer. An example data provider of a credit card registry includes Intersections, Inc.

Data provider 115 may provide data backup. The data backup may be an online data storage tool that allows users to archive or store their documents without having to purchase and manage a server.

Data provider 116 may provide background screening. Background screening may include employee/vendor background searches. An example data provider of background screening includes American Background Investigations.

Data provider 117 may provide a business report. The business report may allow businesses to pull credit file for the business. The business report may be combined with data backup and background screening. An example data provider of business reports includes Dunn& Bradstreet.

Data providers that provide other types of information are also contemplated and within the scope of the present invention.

An identity theft engine 120 may receive information from the various data providers. The engine may obtain information from specific data providers or any combination or subcombination thereof. The theft engine 120 obtains data for a particular individual 130. The theft engine 120 may query a data provider for information regarding that particular individual 130. In embodiments of the invention, information from at least two or three of data providers 106-117 may be received and combined, in any combination or subcombination, by the engine. In some embodiments of the invention, information may be received relating a financial account of the user from at least one of data providers 106-109. This data may then be combined with information from at least one of data providers 110-17. Thereafter, a report is prepared based on at least the information received from data providers 106-117. Additional information from data providers 101-105 or from other sources may also be included in the report. In an embodiment, the information received from at least one of data providers 110-112 may be cumulatively use as the user's public information. In a further embodiment of the invention, information regarding a particular individual 130 may be obtained from at least three of data sources 101-117.

The identity theft engine 120 may process the information from the data providers to generate the report. The theft engine 120 may also process the information from the data providers and determine when there is a change in the information. As is described in more detail below with respect to FIG. 2 , the theft engine 120 may process the information to produce a report regarding information about the requesting individual 130. A personalized report incorporating information from at least two or three of data providers 106-117, in any combination or subcombination may be created. The report may be provided either online, offline or both, as well as in any suitable format. The combined information from different data providers is presented to the individual 130 in a convenient manner for the individual 130 to review the information and its surround context (identity theft). Viewing the collective information in one place provides a useful tool in detecting patterns, discrepancies and the like that may be utilized to detect or prevent identity theft.

FIG. 2 illustrates a process flow 200 according to an exemplary embodiment of the Invention. In 202, a report request may be received from a user. A user may interface with the theft engine, for example via a graphical user interface (GUI). The GUI may present the user an option to purchase an identity theft solution. Part of the identity theft solution may be a report including highly sensitive, confidential information regarding an individual. Therefore, the identity of the user should be authenticated. Identity authentication may be part of a registration process. For example, when a user accesses the theft engine, a registration page may be presented. The registration page may be a GUI that requests personal information from the user, such as the user's name, address, social security number, credit card number, etc. The user may need to provide personal information that can be used to set up an account for the user as well as to authenticate the identity of the user. The identity of the user may be verified by a number of known methods, for example using eIDVerifier from Equifax. A user name and password may be created for the user to access the system. Alternatively, the user may access the system and/or be authenticated via other means, for example via telephone, etc.

Once registered and authenticated or logged in, a selection of data providers may be received from the user in 204. The user may purchase the identity theft solution, including a report or alerts containing information from the various data providers. The report may be a pre-selected bundle of types of information, which are gathered from the various independent data providers for each individual, processed by the theft engine and may be presented to the user as a single report. Accordingly, the user may make a single purchase decision, instead of individually obtaining the information from the data providers and/or being required to make numerous purchase decisions. Also, a list of possible information that may be included in the report may be presented to the user. The user may select from the list to create a custom report. In either case, the theft engine may proceed to obtain the requisite information regarding the individual from the data providers in 206. The information may then be processed by the theft engine in 20 g. After processing the information, the theft engine may store the information in a data storage unit in 210. Finally, the information may be provided to the user in 212. The information provided to the user may take several different forms, examples of which are described in the following paragraphs.

One of the most effective tools in fighting identity theft is early detection. Accordingly, the identity theft engine may provide an alert to the individual when certain information is found. For example, the identity theft engine may monitor the activity surrounding the user's personal information and credit file. Activity on new account applications and address change requests at participating credit, retail and wireless service providers may be monitored. Personal information in public records, such as change of name, phone number or address may be monitored. When suspicious changes to the information are detected, an alert may be sent to the user, for example, via e-mail, text messaging, phone mail, U.S. Mail, etc. The user may then verify the activity and take action if fraud is suspected.

Additionally, an initial report may be created when the user first purchases the identity theft solution. The report may provide a current snapshot of the user's information. Updates to the report may be generated from time to time, for example on a quarterly basis. The quarterly update may include updated reports, plus a summary of all activity reported during the previous quarter.

Turning now to FIG. 3 , a schematic diagram of an exemplary system 300 that provides an identity theft solution according to an embodiment the present invention is shown.

System 300 is intended to be accessed by a plurality of clients 301, for example individuals at computers. Such clients 301, in turn, suitably comprise one or more computers and workstations. It should be understood, nevertheless, that other clients 301 such as Web-enabled hand-held devices (e.g., the Palm V™ organizer manufactured by Palm, Inc., Santa Clara, California U.S.A., Windows CE devices, and “smart” phones) which use the wireless access protocol, and Internet appliances fall within the spirit and scope of the present invention.

Clients 301 of all types suitably access system 300 byway of the Internet 302. By use of the term “Internet”, it should be understood that the foregoing is not intended to limit the present invention to a network also known as the World Wide Web. For example, it includes intranets, extranets, Virtual Private Networks (VPNs), and the like.

Clients 301 are directed to the service provider's web servers through firewall 303, routers and proxy servers 304 and load balancer 305. Each of the web server 306 ₁, 306 ₂, . . . 306 _(n) is, in turn, preferably comprised of a HP NetServer (manufactured by Hewlett-Packard Corporation). Preferably, each of the web servers 306 ₁, 306 ₂, . . . 306 _(n) further comprises a Microsoft Windows® NT operating system, and Netscape Enterprise Server (developed by Netscape Communications, a subsidiary of America Online, Inc., Dulles, Virginia U.S.A.). Additionally, a capable PKI (Public Key Infrastructure) like Entrust or VeriSign may also be installed on each of the web servers 306 ₁, 306 ₂, . . . 306 _(n) to facilitate core digital certificate storage, issuance, and management services, as well as distribution of certificates and certificate-revocation lists to clients and other servers. Digital certificate management may be privately managed or provided by a third party certificate server. Other forms of certificate servers (e.g., web certificate servers and wireless certificate servers, which are available from VeriSign, Inc., Mountain View, California U.S.A.) may likewise be deployed on each of the webservers 306 ₁, 306 ₂, . . . 306 _(n).

System 100 further comprises a plurality of application servers 307 ₁, 307 ₂, . . . 307 _(n), coupled to and providing support to the web servers 306 ₁, 306 ₂, . . . 306 _(n). Each of the application servers 307 ₁, 307 ₂, . . . 307 _(n) is, like the web servers 306 ₁, 306 ₂, . . . 306 _(n), preferably comprised of a HP NetServer. System 100 further comprises a plurality of databases 308 ₁, 308 ₂, . . . 308 _(n), coupled to the application servers, preferably comprised of HP NetServers using Oracle. In addition to supporting the Web servers the application servers support the verification processing and other back office (batch) processing. High availability storage 309 for the database 308 is also provided and preferably is a Raid S Shared Storage.

The identity theft engine may be deployed as software running on the system described above combined with hardware, firmware and the like. Various portions of the software, hardware, and firmware may be distributed on different computers and still achieve the same functionality. A database, such as a data hub may be provided. The data hub may include both proprietary and public databases. The data hub in practice may be a number of different database at various locations. The data hub may be used to verify information as well as to store account information, identity profiles and other information. As data is obtained from the individual and from the data providers and external sources, the data may be added to the appropriate database.

The embodiments illustrated and discussed in this specification are intended only to teach those skilled in the art the best way known to the inventors to make and use the invention. Nothing in this specification should be considered as limiting the scope of the present invention. The above-described embodiments of the invention may be modified or varied, and elements added or omitted, without departing from the invention, as appreciated by those skilled in the art in light of the above teachings. For example, the order in which the steps are performed may be varied as long as the above-described dependencies are maintained. It is therefore to be understood that, within the scope of the claims and their equivalents, the invention may be practiced otherwise than as specifically described. 

1. A computer-implemented method comprising: sending, by a first computing system, content to be displayed via a first graphical user interface of a second computing system: financial monitoring data providers; public information data providers; and a cost amount associated with analyzing information obtained from the financial monitoring data providers and from the public information data providers; receiving, by the first computing system based on user interactions with the first graphical user interface: a first selection of the financial monitoring data providers and a second selection of the public information data providers; receiving, by the first computing system from a financial monitoring data provider corresponding to the first selection, financial information relating to a user of the second computing system and, from a public information data provider corresponding to the second selection, public information relating to the user of the second computing system; retrieving, from a storage, stored public information relating to the user received from the selected public information data provider; determining whether a difference between the received public information and the stored public information relating to the user, satisfies a threshold; sending, from the first computing system based on the determination of the difference satisfying the threshold, an alert to the second computing system; generating, by the first computing system based on the determination of the difference satisfying the threshold, a report relating to a risk threshold of the user; and causing, based on the report and via a second graphical user interface of the second computing system, display of the report.
 2. The computer-implemented method of claim 1, wherein the financial information relating to the user includes: a direct deposit account (DDA) of the user, a DDA monitoring of the user, a brokerage account of the user, and/or a monitoring of a credit card of the user.
 3. The computer-implemented method of claim 1, wherein the first computing system comprises a server communicatively connected, via a network, to the second computing system.
 4. The computer-implemented method of claim 1, wherein the alert is sent via email, telephone, text message, regular mail, or facsimile.
 5. The computer-implemented method of claim 1, further comprising: sending, by the first computing system, a first request to receive the financial information relating to the user from the selected financial monitoring data provider; and sending, by the first computing system, a second request to receive the public information related to the user from the selected public information data provider.
 6. The computer-implemented method of claim 1, wherein the determining the difference comprises: determining whether a first difference exists between the received public information and the stored public information; and determining, for the user, a user-selected threshold, wherein the determination is further based on the first difference and the user-selected threshold.
 7. The computer-implemented method of claim 1, further comprising: periodically monitoring, for changes in information relating to the user, information from the selected financial monitoring data provider and the selected public information data provider.
 8. The computer-implemented method of claim 1, wherein the receiving the financial information relating to the user further comprises receiving credit information related to the user, the computer-implemented method further comprising: retrieving, from the storage, stored credit information relating to the user; and determining, based on the received credit information, whether a second difference between the received credit information and the stored credit information relating to the user, satisfies a second threshold, wherein the sending the alert is further based on a determination that the second difference satisfies the second threshold.
 9. An apparatus comprising: one or more processors; memory storing instructions that, when executed by the one or more processors, cause the apparatus to: send content to be displayed via a first graphical user interface of a user computing system: financial monitoring data providers; public information data providers; and a cost amount associated with analyzing information obtained from the financial monitoring data providers and from the public information data providers; receive, based on user interactions with the first graphical user interface: a first selection of the financial monitoring data providers; and a second selection of the public information data providers; receive, from a financial monitoring data provider corresponding to the first selection, financial information relating to a user of the user computing system and, from a public information data provider corresponding to the second selection, public information relating to the user of the user computing system; retrieve, from a storage, stored public information relating to the user; determine whether a difference between the received public information and the stored public information relating to the user, satisfies a threshold; send, based on a determination of the difference satisfying the threshold, an alert to the user computing system; generate, based on the determination of the difference satisfying the threshold, a report relating to a risk threshold of the user; and cause, based on the report and via a second graphical user interface of the user computing system, display of the report.
 10. The apparatus of claim 9, wherein the financial information relating to the user includes: a direct deposit account (DDA) of the user, a DDA monitoring of the user, a brokerage account of the user, and/or a monitoring of a credit card of the user.
 11. The apparatus of claim 9, wherein the alert is sent via email, telephone, text message, regular mail, or facsimile.
 12. The apparatus of claim 9, wherein the instructions, when executed by the one or more processors, further cause the apparatus to: send a first request to receive the financial information relating to the user from the selected financial monitoring data provider; and send a second request to receive the public information related to the user from the selected public information data provider.
 13. The apparatus of claim 9, wherein the instructions to determine the difference, when executed by the one or more processors, further cause the apparatus to: determine whether a first difference exists between the received public information and the stored public information; and determine, for the user, a user-selected threshold, wherein the determination is further based on the first difference and the user-selected threshold.
 14. The apparatus of claim 9, wherein the instructions, when executed by the one or more processors, further cause the apparatus to: periodically monitor, for changes in information relating to the user, information from the selected financial monitoring data provider and the selected public information data provider.
 15. The apparatus of claim 9, wherein the instructions to receive the financial information, when executed by the one or more processors, further cause the apparatus to: receive, from the storage, stored credit information relating to the user; and determine, based on the received credit information, whether a second difference between the received credit information and the stored credit information relating to the user, satisfies a second threshold, wherein the instructions to send the alert are further based on a determination that the second difference satisfying the second threshold.
 16. One or more non-transitory media storing instructions that, when executed by one or more processors, cause the one or more processors to perform steps comprising: sending, by a first computing system, content to be displayed via a first graphical user interface of a second computing system: financial monitoring data providers; public information data providers; and a cost amount associated with analyzing information obtained from the financial monitoring data providers and from the public information data providers; receiving, by the first computing system based on user interactions with the first graphical user interface: a first selection of the financial monitoring data providers and a second selection of the public information data providers; receiving, by the first computing system from a financial monitoring data provider corresponding to the first selection, financial information relating to a user of the second computing system and, from a public information data provider corresponding to the second selection, public information relating to the user of the second computing system; retrieving, from a storage, stored public information relating to the user received from the selected public information data provider; determining whether a difference between the received public information and the stored public information relating to the user, satisfies a threshold; sending, from the first computing system based on the determination of the difference satisfying the threshold, an alert to the second computing system; generating, by the first computing system based on the determination of the difference satisfying the threshold, a report relating to a risk threshold of the user; and causing, based on the report and via a second graphical user interface of the second computing system, display of the report.
 17. The one or more non-transitory media of claim 16, wherein the financial information relating to the user includes: a direct deposit account (DDA) of the user, a DDA monitoring of the user, a brokerage account of the user, and/or a monitoring of a credit card of the user.
 18. The one or more non-transitory media of claim 16, wherein the first computing system comprises a server communicatively connected, via a network, to the second computing system.
 19. The one or more non-transitory media of claim 16, wherein the alert is sent via email, telephone, text message, regular mail, or facsimile.
 20. The one or more non-transitory media of claim 16, wherein the instructions, when executed by the one or more processors, cause the one or more processors to perform further steps comprising: sending, by the first computing system, a first request to receive the financial information relating to the user from the selected financial monitoring data provider; and sending, by the first computing system, a second request to receive the public information related to the user from the selected public information data provider. 